edgy on x64: Request for extension of the /.hidden file

t u towsonu2003 at gmail.com
Wed Oct 4 10:10:34 BST 2006


Brandon Holtsclaw wrote:
> Was and is currently disscussed on
> https://wiki.ubuntu.com/KubuntuKDEMedia
> and in the IRC logs for #kubuntu-devel
> 
> two things to note though, it dosent hide anything in the /home dir as
> you sugest ( and thats achieved anyhow via "dot" files currectly ) AND
> it only hides the from the kde file dialogs &/or konqi gui file browser
> ( but again this is all explain'd in the wiki ) 
> 
>>> isn't the hidden file a security risk for Edgy users? if a local
>>> attacker finds a way to change it, wouldn't s/he be able to put anything
>>> s/he wants to the user's home folder, without the user knowing about the
>>> file. wouldn't this make the .hidden file a specific target of attackers?
>> Attacker doesn't need hidden dirs or files to hide something (it allways
>> has /tmp and /var/tmp, tmpfs, etc...). Hidden file isn't a security risk
>> cause if attacker is able to create files in user's dir, then security
>> is allready circumvented. So, hidden file is not a cause, but a
>> consenquence.
> exactly +1
> 
> 
>> (and if you say that it is present in Dapper, which I
>> use, I will be all red and ashamed :) 
> 
> sure its been built into gnome for a long time ( including in dapper ),
> we are just taking advantage of it in edgy for KDE so its new to some
> users, to expirment with this in dapper just make a file named .hidden
> in your / with one line "usr" ( no quotes ) then open natulis and note
> no more /usr is shown in the GUI ( unless "show hidden files" is
> choosen , as with the same in kde )
> 
> Feel free to give input on the wiki or on irc , its more than welcomed ,
> but in short as you asked "yes, it was thought about and discussed"
> 
> 
thanks for all the info. :)

-- 
Please scan all attachments for viruses.
Or (though you might like Rodin) you might as well avoid "The Gates of
Hell" and use Linux.



More information about the ubuntu-devel mailing list